Cody Brocious -- a Mozilla dev and security researcher -- presented a paper on a vulnerability in hotel-door locks last month at Black Hat. Many electronic hotel door-locks made by Onity have a small DC power-port that also supplies data beneath them. Brocious showed that if he plugs an Arduino into these locks, reads out the 24-bit number sitting there, and re-transmits it to them, some appreciable fraction of them (but not all of them) spring open.
Testing a standard Onity lock he ordered online, he’s able to easily bypass the card reader and trigger the opening mechanism every time. But on three Onity locks installed on real hotel doors he and I tested at well-known independent and franchise hotels in New York, results were much more mixed: Only one of the three opened, and even that one only worked on the second try, with Brocious taking a break to tweak his software between tests.
Even with an unreliable method, however, Brocious’s work–and his ability to open one out of the three doors we tested without a key–suggests real flaws in Onity’s security architecture. And Brocious says he plans to release all his research in a paper as well as source code through his website following his talk, potentially enabling others to perfect his methods.
Brocious’s exploit works by spoofing a portable programming device that hotel staff use to control a facility’s locks and set which master keys open which doors. The portable programmer, which plugs into the DC port under the locks, can also open any door, even providing power through that port to trigger the mechanism of a door lock in which the battery has run out.
Hacker Will Expose Potential Security Flaw In Four Million Hotel Room Keycard Locks
I suffer from mild RSI: a warning to stop, but one that goes away when I do stop. The trigger is using a mouse for extended periods. The alternatives for general everyday computer use aren’t great for my work habits, which center on precise pointing and clicking, so I’m in the bad habit of mousing […]
I got one of those bug-zapping LED lightbulbs, in hopes of murdering the flies drifting into my office during the increasingly warm and muggy Pennsylvania summer. I got mine from Home Depot, but the bulbs at Lowes, Wal-Mart and Amazon are all obviously identical. There are two lights in each bulb: an ultraviolet one inside […]
Did you buy a useless $400 “smart” juicer and now feel the need to accessorize it with more extrusions from the Internet of Shit timeline? Then The Leaf from Teaforia is just the thing: it’s a tea-maker that uses DRM-locked tea-pods to brew tea in your kitchen so you don’t have to endure the hassle […]
If you struggle to get a good night’s rest, consider replacing your pillows before dropping hundreds on a new mattress. You can give your tired neck a break with a 2-pack of memory foam pillows, available now in the Boing Boing Store.Each of these pillows is stuffed with cooling polyurethane foam that molds to your […]
Although flagship smartphones are unlikely to adopt heavy-duty outer casing anytime soon, you can always prepare your device for the outdoors with a beefy case and and an external battery like this Nomad Tile Trackable PowerPack, available in the Boing Boing Store for $119.95.The Nomad Tile can fully recharge an iPhone 7 over three times […]
Even though credit cards now feature an EMV chip for securing transactions, they still have to include the magnetic strip for compatibility with older point of sale systems. Because of this, there’s no way for the chip’s new security capabilities to protect against card skimmers in the wild.How do you protect yourself from legacy-technology-induced fraud? […]